Browse code
more lxc cleanup - better stack user configuration
Anthony Young authored on 2011/09/14 01:57:31Showing 1 changed files
| ... | ... |
@@ -12,13 +12,12 @@ WARMCACHE=${WARMCACHE:-0}
|
| 12 | 12 |
|
| 13 | 13 |
# Shutdown any existing container |
| 14 | 14 |
lxc-stop -n $CONTAINER |
| 15 |
-sleep 1 |
|
| 15 |
+ |
|
| 16 | 16 |
# This prevents zombie containers |
| 17 | 17 |
cgdelete -r cpu,net_cls:$CONTAINER |
| 18 |
-sleep 1 |
|
| 18 |
+ |
|
| 19 | 19 |
# Destroy the old container |
| 20 | 20 |
lxc-destroy -n $CONTAINER |
| 21 |
-sleep 1 |
|
| 22 | 21 |
|
| 23 | 22 |
# Warm the base image on first run or when WARMCACHE=1 |
| 24 | 23 |
CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 |
| ... | ... |
@@ -42,13 +41,27 @@ lxc.network.ipv4 = $CONTAINER_CIDR |
| 42 | 42 |
lxc.cgroup.devices.allow = c 10:200 rwm |
| 43 | 43 |
EOF |
| 44 | 44 |
|
| 45 |
-# Configure the network |
|
| 45 |
+# Create the container |
|
| 46 | 46 |
lxc-create -n $CONTAINER -t natty -f $LXC_CONF |
| 47 |
-sleep 2 |
|
| 48 | 47 |
|
| 49 |
-# Where our container lives |
|
| 48 |
+# Specify where our container lives |
|
| 50 | 49 |
ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ |
| 51 | 50 |
|
| 51 |
+# set root password to password |
|
| 52 |
+echo root:pass | chroot $ROOTFS chpasswd |
|
| 53 |
+ |
|
| 54 |
+# Create a stack user that is a member of the libvirtd group so that stack |
|
| 55 |
+# is able to interact with libvirt. |
|
| 56 |
+chroot $ROOTFS groupadd libvirtd |
|
| 57 |
+chroot $ROOTFS useradd stack -s /bin/bash -d /opt -G libvirtd |
|
| 58 |
+ |
|
| 59 |
+# a simple password - pass |
|
| 60 |
+echo stack:pass | chroot $ROOTFS chpasswd |
|
| 61 |
+ |
|
| 62 |
+# and has sudo ability (in the future this should be limited to only what |
|
| 63 |
+# stack requires) |
|
| 64 |
+echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers |
|
| 65 |
+ |
|
| 52 | 66 |
# Copy over your ssh keys and env if desired |
| 53 | 67 |
if [ "$COPYENV" = "1" ]; then |
| 54 | 68 |
cp -pr ~/.ssh $ROOTFS/root/.ssh |
| ... | ... |
@@ -56,8 +69,17 @@ if [ "$COPYENV" = "1" ]; then |
| 56 | 56 |
cp -pr ~/.gitconfig $ROOTFS/root/.gitconfig |
| 57 | 57 |
cp -pr ~/.vimrc $ROOTFS/root/.vimrc |
| 58 | 58 |
cp -pr ~/.bashrc $ROOTFS/root/.bashrc |
| 59 |
+ |
|
| 60 |
+ cp -pr ~/.ssh $ROOTFS/opt/.ssh |
|
| 61 |
+ cp -p ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys |
|
| 62 |
+ cp -pr ~/.gitconfig $ROOTFS/opt/.gitconfig |
|
| 63 |
+ cp -pr ~/.vimrc $ROOTFS/opt/.vimrc |
|
| 64 |
+ cp -pr ~/.bashrc $ROOTFS/opt/.bashrc |
|
| 59 | 65 |
fi |
| 60 | 66 |
|
| 67 |
+# give stack ownership over /opt so it may do the work needed |
|
| 68 |
+chroot $ROOTFS chown -R stack /opt |
|
| 69 |
+ |
|
| 61 | 70 |
# Configure instance network |
| 62 | 71 |
INTERFACES=$ROOTFS/etc/network/interfaces |
| 63 | 72 |
cat > $INTERFACES <<EOF |
| ... | ... |
@@ -75,24 +97,11 @@ EOF |
| 75 | 75 |
INSTALL_SH=$ROOTFS/root/install.sh |
| 76 | 76 |
cat > $INSTALL_SH <<EOF |
| 77 | 77 |
#!/bin/bash |
| 78 |
+# Disable startup script |
|
| 78 | 79 |
echo \#\!/bin/sh -e > /etc/rc.local |
| 80 |
+# Make sure dns is set up |
|
| 79 | 81 |
echo "nameserver $NAMESERVER" | resolvconf -a eth0 |
| 80 | 82 |
sleep 1 |
| 81 |
-# Create a stack user that is a member of the libvirtd group so that stack |
|
| 82 |
-# is able to interact with libvirt. |
|
| 83 |
-groupadd libvirtd |
|
| 84 |
-useradd stack -s /bin/bash -d /opt -G libvirtd |
|
| 85 |
- |
|
| 86 |
-# a simple password - pass |
|
| 87 |
-echo stack:pass | chpasswd |
|
| 88 |
- |
|
| 89 |
-# give stack ownership over /opt so it may do the work needed |
|
| 90 |
-chown -R stack /opt |
|
| 91 |
- |
|
| 92 |
-# and has sudo ability (in the future this should be limited to only what |
|
| 93 |
-# stack requires) |
|
| 94 |
- |
|
| 95 |
-echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers |
|
| 96 | 83 |
|
| 97 | 84 |
# Install and run stack.sh |
| 98 | 85 |
apt-get update |